Hi
      we are facing the problem while integrating zoho CRM API for our form submission, means our web page form submission will insert the zoho database. To implement this we are using (https://crm.zoho.com/crm/private/xml/Leads/insertRecords?newFormat=1&authtoken=Auth Token&scope=crmapi).

       what will happen if some one somehow hacks the URL which has the authcode? and they can post whatever they like.
So to prevent this is there any way to generate the dynamic auth code for each request when we are trying to post the data to zoho database.we came across the authcode generation by ((https://accounts.zoho.com/apiauthtoken/nb/create?SCOPE=ZohoCRM/crmapi&EMAIL_ID=username&PASSWORD=application_password). But this method requires password to send for generating the authcode.That also fails our security measures.

Can some one please guide me regarding this approach, since we need to pass the security measures by avoiding the above possibilities.